Description

HPE Aruba Networking Orchestrator - The orchestrator is the brains of the EdgeConnect Enterprise platform, allowing enterprises to centrally assign business intent policies to secure and control applications across the WAN.

HPE Aruba Networking EdgeConnect appliance - The appliances are the gateways at the edge with routing, security, advanced application visibility and control, and SD-WAN.

There exist 3 different hierarchy levels relevant to this application. The following APIs in this collection can be used to help manage/monitor appliances from two different hierarchy levels. Those levels are the Orchestrator level and the Appliance level.

Important: To prevent strain on the Orchestrator level, it is preferred that you utilize APIs at the Appliance Level.

Hierarchy Definitions:

Orchestrator-SP and Orchestrator Global Enterprise level:

For multi-tenant or multi-fabric SD-WAN deployments customers may leverage Orchestrator-SP or Orchestrator Global Enterprise to help them manage these deployments. In those situations, customers can access APIs at the Orchestrator-SP and Orchestrator Global Enterprise level to gain visibility and control over their multi-tenant environments.

Orchestrator level:

This reference point provides an SD-WAN fabric-wide view that encompasses not just the EdgeConnect appliances under its purview, but also access to resources and network-level information maintained at the Orchestrator level, such as topology, Business Intent Overlays, and application policies.

Appliance level:

This reference point applies natively offered network management protocols and/or fine-granular information that is only stored locally on the appliances.

Orchestrator Level Instructions

To view the list of available APIs, select the "Support" Tab, then "REST APIs".

Follow Steps:

Create an API key

• Inside Orchestrator
• Click on the Orchestrator tab.
• Under Users & Authentication, select API Keys.
• Click New API Key.
• Fill out the key name, description, set read/write permissions, and choose an expiration date for the key.
• Click Add.
• The API key will populate in the table below, where you can copy that key to your clipboard from the table for use later.

Add Authorization to Collection

• Inside Postman
• Click on "EdgeConnect SD-WAN" top level folder of Postman Collection
• On the right side window, select the Authorization tab
• In "Key" field paste X-Auth API Key that you created in Orchestrator

Add Orchestrator Base Url to Collection Variables

• Inside Orchestrator
• Select "Support" tab, then "REST APIs"
• Note the Servers: dropdown menu
• This menu holds the base url to your orchestrator instance ex: https://172.16.3.22/gms/rest/
• Locate the base url of your Orchestrator instance and copy the url up to and through /rest/
• Copy base url of Orchestrator
• Inside Postman
• Click on "EdgeConnect SD-WAN" top level folder of Postman Collection
• On the right side window, select the Variables tab
• Paste base url of Orchestrator instance into Current Value of orchestratorBaseUrl variable
• Now you are ready to make API calls to endpoints in the Orchestrator Level folder

Appliance Level Instructions

To view the list of available APIs, select the "Support" Tab, then "REST APIs".

Follow Steps:

Create Appliance Level User Credentials

• Inside Top Level Orchestrator
• Click on the Administration tab.
• Under Users & Authentication, select Users.
• In the left side menu, select the Appliance you would like to make a user for.
• In the table click "Edit/the edit icon".
• Under User Accounts in the pop-up window, click "Add".
• Add a username, write capability level ex: admin, fill in password and re-confirm password.
• Click "Save" in the bottom right corner of the pop-up window.
• Keep the username and password in mind to add into the postman collection.

Add Appliance User Info to Collection Variables

• Inside Postman
• Click on "EdgeConnect SD-WAN" top level folder of Postman Collection
• On the right side window, select the Variables tab
• In user field paste username you created in Orchestrator
• In password field paste password you created in Orchestrator

Add Appliance Base Url to Collection Variables

• Inside Appliance Orchestrator
• Select "Support" tab, then "REST APIs"
• Note the Servers: dropdown menu
• This menu holds the base url to your Appliance Orchestrator instance ex: https://172.16.3.22/rest/json/
• Locate the base url of your Appliance Orchestrator instance and copy the url up to and through /json/
• Copy base url of Appliance Orchestrator
• Return inside Postman
• Click on "EdgeConnect SD-WAN" top level folder of Postman Collection
• On the right side window, select the Variables tab
• Paste base url of Appliance Orchestrator instance into Current Value of applianceBaseUrl variable
• Now you are ready to make API calls to endpoints in the Appliance Level folder

Making API Calls at Appliance Level

• To make API calls at the appliance level you must complete a login/logout of user credentials for each Session of API calls
• To begin you must go to the "login" folder within the Appliance Level folder.
• In this folder there are 3 requests
  • Create a new authenticated HTTP session
  • Determine if the session denoted by the cookie 'vxoaSessionID' in the HTTP header is still authenticated
  • Logout of session denoted by the cookie 'vxoaSessionID' in the HTTP header
• To begin making API calls you must go to the first POST request and submit hit "Send"
• This will authenticate this session of API calls being made at the Appliance Level.
• You can then do a get request to check on if your session in still authenticated using the 2nd of those 3 requests.

Important: When you are done making API calls at the Appliance level you must logout of your session. If you do not log out and attempt to make more API calls at the Appliance level with an expired session, none of you API calls will function as intended.